Type: Privilege Escalation
Vulnerable Version: v2.0.0
Fixed Version: v2.0.1
SecPanel’s one-click install hardens your server against the most common and dangerous attacks. You can manage your server’s security from a web-based dashboard.
When the software is installed, it adds a user to sudo, allowing access to various functions. Unfortunately, a flaw exposes the password in plain text, which would ultimately allow an attacker to escalate their privileges to root.
Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.
We rate this vulnerability CRITICAL because root access can be obtained.
This vulnerability was tested against SecPanel v2.0.0 and is believed to exist in all prior versions.
This vulnerability was patched in SecPanel v2.0.1.
Vendor Contact Timeline:
2013-07-11: Vendor contacted via email.
2013-07-12: Vendor confirms vulnerability.
2013-07-15: Vendor issues update.
2013-07-22: Rack911 issues security advisory.